1. Field
The present disclosure relates to a method and system for cryptography and relates more specifically to a system and method for a symmetric key block cipher. The present disclosure employs multiple symmetric algorithms, variable block sizes, multiple hash functions, and different key lengths. The present disclosure permits a change in the block size, key size, and algorithms for each encrypted block. In this way the encrypted blocks are better protected against unauthorized deciphering.
2. Description of the Related Art
Data encryption systems are well known in the data processing art. Encryption systems fall into two general categories: symmetric (or secret key) and asymmetric (or public key). Symmetric systems use the same secret key for performing the encryption operation and for the decryption operation. One of the best known symmetric encryption algorithms is the Data Encryption Algorithm (DEA) that implements the Data Encryption Standard (DES) as defined by the National Institute of Standards and Technology publications “Data Encryption Standard (DES)”, FIPS PUB 46-2 (1980) and “DES Modes of Operation”, FIPS PUB 81 (1988). In general, such encryption systems operate by using a fixed-length key to perform an encryption operation on a plaintext input block, producing a ciphertext output block. The receiver of an encrypted message performs a corresponding decryption operation, using the same secret key for decryption, to recover the plaintext block. The DES encryption system utilizes a 56-bit key plus 8 bits for parity checking, and the encryption block size is 64 bits.
Asymmetric (or public-key) encryption systems use key pairs, consisting of a private key and a corresponding public key that are not feasibly derivable from one another for encryption and decryption. The public key is the encryption key while the private key is the decryption key and is kept secret. Anyone wishing to send an encrypted message uses the receiver's public key to encrypt a message. Only the receiver will be able to decrypt the message since they are the only one with the corresponding private key. One of the best known asymmetric algorithms is the RSA encryption system named after its inventors Rivest, Shamir, and Adleman.
Symmetric encryption systems share a common characteristic: they repeatedly perform the same sequence of operations on plaintext input blocks. These repeated sequences are referred to as round functions, with the algorithms gaining strength by performing the same sequence of operations numerous times.
While there are many methods of symmetric key block encryption, the most popular methods (for example, DES, CAST, RC5, and Blowfish) are based on Type-2 Feistel networks. This scheme consists of dividing the data to be encrypted into two halves and then executing a number of pre-determined rounds, where each round consists of transforming the left half of the data based on the right half of the data and then transforming the right half based on the transformed left half. These transformations are called sub-rounds and are invertible. Different Feistel network schemes can divide data into unequal parts or several equal sizes. In effect, such symmetric encryption schemes share the common characteristic of performing the same fixed operations on blocks of data during the entire encryption operation. The symmetric encryption systems mentioned here differ in the specific functions that are performed within each round function. The specific operations are chosen for speed and strength.
In view of the above, symmetric encryption systems gain strength by increasing the number of rounds or by increasing the key length. Another way to increase the strength of a symmetric encryption system is to increase the block size. Increasing or varying key sizes and increasing or varying block sizes are two methods that can be used to increase strength and make cryptanalysis more difficult. It will be appreciated that when a symmetric encryption system allows varying key sizes and block sizes at the same time, it presents an extremely difficult challenge to anyone attempting to discover the original data from the encrypted result. Existing symmetric key block algorithms may provide for varying key sizes, block sizes, and the number of rounds; however, these algorithms define a single type of round function and use the function repeatedly.
The present disclosure adds another dimension to symmetric encryption systems, increasing the difficulty for anyone attempting to recover the original data from the encrypted result by adding a new variable to the encryption process. The new variable is that instead of using a single type of round function, the present disclosure uses different symmetric algorithms for each round function. The present disclosure varies key sizes, block sizes, and symmetric algorithms to provide additional difficulty and challenge to potential attackers.
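The Feistel round structure described in the related-art discussion above can be illustrated with the following added example, which is not code from the disclosure and is not the disclosed cipher. It is a toy: the HMAC-based round function, the hash names, the key values and the function names are all assumptions chosen for illustration, and it shows that decryption works for any block size even when the round function is one-way and differs from round to round.

```python
import hashlib
import hmac

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key: bytes, data: bytes, hash_name: str, out_len: int) -> bytes:
    """Toy keyed round function (assumption): HMAC output stretched to out_len bytes.
    F is one-way; the Feistel structure, not F, provides invertibility."""
    out, counter = b"", 0
    while len(out) < out_len:
        out += hmac.new(key, bytes([counter]) + data, hash_name).digest()
        counter += 1
    return out[:out_len]

def _halves(block: bytes):
    if len(block) == 0 or len(block) % 2:
        raise ValueError("block must be a non-empty, even number of bytes")
    half = len(block) // 2
    return block[:half], block[half:], half

def encrypt_block(block, round_keys, hashes=("sha256",)):
    left, right, half = _halves(block)
    for i, key in enumerate(round_keys):
        h = hashes[i % len(hashes)]  # round function may differ per round
        left = _xor(left, _f(key + b"L", right, h, half))   # sub-round 1: L from R
        right = _xor(right, _f(key + b"R", left, h, half))  # sub-round 2: R from new L
    return left + right

def decrypt_block(block, round_keys, hashes=("sha256",)):
    left, right, half = _halves(block)
    for i in reversed(range(len(round_keys))):
        key, h = round_keys[i], hashes[i % len(hashes)]
        right = _xor(right, _f(key + b"R", left, h, half))  # undo sub-round 2
        left = _xor(left, _f(key + b"L", right, h, half))   # undo sub-round 1
    return left + right

if __name__ == "__main__":
    # Constructed sample keys and plaintext blocks (64-bit and 128-bit).
    keys = [hashlib.sha256(b"constructed-key" + bytes([r])).digest() for r in range(4)]
    mix = ("sha256", "sha512", "blake2b")
    for pt in (b"8 bytes!", b"sixteen byte blk"):
        ct = encrypt_block(pt, keys, mix)
        print(len(pt) * 8, "bit block:", ct.hex(), decrypt_block(ct, keys, mix))
```

Each sub-round XORs one half with a value computed only from the other half, so applying the same sub-rounds in reverse order cancels them; this is why the round function itself never has to be inverted.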